package com.jelly.config.shiro.realm;

import com.jelly.common.util.ListUtil;
import com.jelly.config.shiro.token.ShiroToken;
import com.jelly.web.modules.system.permission.domain.Permission;
import com.jelly.web.modules.system.role.domain.Role;
import com.jelly.web.modules.staff.user.domain.User;
import com.jelly.web.modules.staff.user.domain.UserAndRoleAndPermission;
import com.jelly.web.modules.staff.user.service.IUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.io.Serializable;
import java.util.HashSet;
import java.util.List;

/**
 * <h4>功能:【身份认证realm】【创建人：qiaoliang】</h4>
 *
 * @时间:2018/7/2 0002 9:58
 * @备注:<h4></h4>
 */
public class MyShiroRealm  extends AuthorizingRealm implements Serializable {

    @Autowired
    private IUserService userService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //获取当前登录用户对象
        User user = (User)super.getAvailablePrincipal(principals);

        //当前用户不为空时查询用的角色权限信息交给shiro
        if(null != user){

            UserAndRoleAndPermission userAndRoleAndPermission = userService.getUserIdAndRoleAndPermission(user.getUserId());

            if(null != userAndRoleAndPermission){

                //获取角色详情
                List<Role> roleList = userAndRoleAndPermission.getRoleList();

                //当用户有角色时查询角色下的权限信息
                if(ListUtil.isNotList(userAndRoleAndPermission.getRoleList())){

                    //取出所有的角色的id
                    List<String> roleIdList = ListUtil.getFieldValues(roleList,"roleId");

                    //通过角色的id获取角色下的权限详情
                    List<Permission> permissionList = userAndRoleAndPermission.getPermissionList();

                    //判断角色下的权限信息 如果为空只赋值角色信息
                    if(ListUtil.isNotList(permissionList)){

                        //取出权限的标识
                        List<String> perRouteList = ListUtil.getFieldValues(permissionList,"perRoute");

                        //权限标识赋值给shiro
                        info.setStringPermissions(new HashSet<String>(perRouteList));

                    }

                    //取出角色的标识
                    List<String> roleRouteList = ListUtil.getFieldValues(roleList,"roleRoute");

                    //角色标识赋值给shiro
                    info.setRoles(new HashSet<String>(roleRouteList));

                }

            }
        }
        return info;

    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        //获取用户名及密码
        ShiroToken usernamePasswordToken = (ShiroToken)token;

        //用户名
        String account = usernamePasswordToken.getUsername();

        //查询用户的信息
        User user = userService.getLoginAccount(account,usernamePasswordToken.getPasswords());

        //使用账号ID作为盐值
        ByteSource credentialsSalt = ByteSource.Util.bytes(user.getUserId());
        //若存在，将此用户存放到登录认证SimpleAuthenticationInfo中，无需自己做密码对比，Shiro会为我们进行密码对比校验
        return new SimpleAuthenticationInfo(user, user.getPassword(),credentialsSalt, getName());
    }

}